From d0288835766a395f4289da2cea1a8f367826aaeb Mon Sep 17 00:00:00 2001 From: Joseph Goydish II Date: Fri, 28 Nov 2025 16:35:44 -0500 Subject: [PATCH] Update README.md --- README.md | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/README.md b/README.md index 3159192..f55f47c 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,72 @@ # iCloud-PCS-Corruption CVE Pending - Apple iOS iCloud Backup Lacks PCS Keychain Integrity Validation + +**CVE:** Pending Assignment +**CVSS:** 8.1 (HIGH) +**Discoverer:** Joseph Goydish II +**Discovery Date:** November 27, 2025 +**Status:** Coordinated Disclosure in Progress + +--- + +## Summary + +Apple's iCloud backup system does not validate the integrity of Protected Cloud Storage (PCS) keychain data during backup creation or restoration. This allows corrupted keychain entries to persist indefinitely in user backups and restore silently to devices without detection or user warning. + +## Impact + +- Affects all iOS/iPadOS users with iCloud backup enabled +- Enables indefinite persistence of keychain corruption across devices +- Bypasses security patches through backup restoration +- Affects ALL past iOS vulnerabilities (not just recent exploits) +- No user remediation tools available + +## Discovery + +This vulnerability was discovered on November 27, 2025 through diagnostic analysis of an iOS 26.1 device showing: +- Corrupted keychain state (`circle_status: "Error"`) +- All PCS views showing `"unknown"` status +- Invalid epoch timestamps (1970-01-01) in keychain entries +- Active iCloud backup syncing corrupted data without validation + +## Disclosure Status + +- **Vendor Notification:** November 28, 2025 + - Apple Product Security (Tracking: OE01004512688207) +- **US-CERT Coordination:** November 28, 2025 + - CISA VINCE portal submission (Tracking: VRF#25-11-SQRSK) + - **CVE Assignment:** Pending +- **Public Disclosure:** Following coordinated disclosure timeline + +## Repository Contents + +- `VULNERABILITY_REPORT.md` - Complete technical analysis and CVE request +- `evidence/` - Diagnostic files from iOS 26.1 device +- `submissions/` - Documentation of disclosure process +- `TIMELINE.md` - Discovery and disclosure chronology + +## Attribution + +**Discovered by:** Joseph Goydish II +**Contact:** 077sanbox_escape@proton.me +**Discovery Date:** November 27, 2025 + +## Disclosure Policy + +This repository is currently **PRIVATE** during coordinated disclosure with Apple and US-CERT. It will be made public following: +- CVE assignment, AND +- Vendor patch availability, OR +- 90 days from vendor notification (standard disclosure timeline) + +Whichever comes first. + +--- + +**Copyright © 2025 Joseph Goydish II. All rights reserved.** + +This research may be freely shared for educational and security purposes with proper attribution. +EOF + +git add README.md +git commit -m "Add README with discovery attribution and disclosure status" +git push origin main